Skip to main content
CVE-2019-10708 CRITICAL POC Act Now

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP S Cms
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2019-10707 CRITICAL POC Act Now

MKCMS V5.0 has SQL injection via the bplay.php play parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Mkcms
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-10692 CRITICAL POC PATCH THREAT Act Now

In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP SQLi WordPress Google Wp Go Maps
NVD
CVSS 3.1
9.8
EPSS
78.7%
CVE-2019-9759 CRITICAL POC Act Now

An issue was discovered in TONGDA Office Anywhere 10.18.190121. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Microsoft PHP Office Anywhere
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-6506 CRITICAL Act Now

SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Suitecrm
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2019-7475 CRITICAL Act Now

A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft VMware Sonicwall Sonicos +1
NVD
CVSS 3.1
9.8
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy